tog-pegasus

OpenPegasus WBEM Services for Linux

Go to file

DistroBaker fe7b9bd60f Merged update from upstream sources This is an automated DistroBaker update from upstream sources. If you do not know what this is about or would like to opt out, contact the OSCI team. Source: https://src.fedoraproject.org/rpms/tog-pegasus.git#9ebeb5fc02c33c6397623526ac99ce95806fe791		2021-02-05 07:44:19 +01:00
.gitignore	Merged update from upstream sources	2020-12-16 23:01:21 +00:00
access.conf	Merged update from upstream sources	2020-12-16 23:01:21 +00:00
cimprovagt-wrapper.sh	Merged update from upstream sources	2020-12-16 23:01:21 +00:00
cmpiOSBase_OperatingSystemProvider-cimprovagt.example	Merged update from upstream sources	2020-12-16 23:01:21 +00:00
generate-certs	Merged update from upstream sources	2020-12-16 23:01:21 +00:00
pegasus_arch_alternatives	Merged update from upstream sources	2020-12-16 23:01:21 +00:00
pegasus_rpm_build_env.sh	Merged update from upstream sources	2020-12-16 23:01:21 +00:00
pegasus-2.5.1-pam-wbem.patch	Merged update from upstream sources	2020-12-16 23:01:21 +00:00
pegasus-2.5.1-warnings.patch	Merged update from upstream sources	2020-12-16 23:01:21 +00:00
pegasus-2.7.0-PIE.patch	Merged update from upstream sources	2020-12-16 23:01:21 +00:00
pegasus-2.7.0-snmp-tests.patch	Merged update from upstream sources	2020-12-16 23:01:21 +00:00
pegasus-2.9.0-cmpi-provider-lib.patch	Merged update from upstream sources	2020-12-16 23:01:21 +00:00
pegasus-2.9.0-local-or-remote-auth.patch	Merged update from upstream sources	2020-12-16 23:01:21 +00:00
pegasus-2.9.0-no-rpath.patch	Merged update from upstream sources	2020-12-16 23:01:21 +00:00
pegasus-2.9.0-redhat-config.patch	Merged update from upstream sources	2020-12-16 23:01:21 +00:00
pegasus-2.9.0-sparc.patch	Merged update from upstream sources	2020-12-16 23:01:21 +00:00
pegasus-2.9.1-getpagesize.patch	Merged update from upstream sources	2020-12-16 23:01:21 +00:00
pegasus-2.10.0-dont-strip.patch	Merged update from upstream sources	2020-12-16 23:01:21 +00:00
pegasus-2.10.0-sparc-posix-lock.patch	Merged update from upstream sources	2020-12-16 23:01:21 +00:00
pegasus-2.12.0-cimmofl-allow-experimental.patch	Merged update from upstream sources	2020-12-16 23:01:21 +00:00
pegasus-2.12.0-empty_arrays.patch	Merged update from upstream sources	2020-12-16 23:01:21 +00:00
pegasus-2.12.0-null_value.patch	Merged update from upstream sources	2020-12-16 23:01:21 +00:00
pegasus-2.12.0-schema-version-and-includes.patch	Merged update from upstream sources	2020-12-16 23:01:21 +00:00
pegasus-2.13.0-enable-subscriptions-for-nonprivileged-users.patch	Merged update from upstream sources	2020-12-16 23:01:21 +00:00
pegasus-2.13.0-gcc5-build.patch	Merged update from upstream sources	2020-12-16 23:01:21 +00:00
pegasus-2.14.1-add-pegwsmserver-to-ldd-libs.patch	Merged update from upstream sources	2020-12-16 23:01:21 +00:00
pegasus-2.14.1-build-fixes.patch	Merged update from upstream sources	2020-12-16 23:01:21 +00:00
pegasus-2.14.1-cimconfig-man-page-fixes.patch	Merged update from upstream sources	2020-12-16 23:01:21 +00:00
pegasus-2.14.1-crypto-policy-compliance.patch	Merged update from upstream sources	2020-12-16 23:01:21 +00:00
pegasus-2.14.1-fix-setup-sdk-ppc64le.patch	Merged update from upstream sources	2020-12-16 23:01:21 +00:00
pegasus-2.14.1-fix-setup-sdk.patch	Merged update from upstream sources	2020-12-16 23:01:21 +00:00
pegasus-2.14.1-fix-Wreserved-user-defined-literal.patch	Merged update from upstream sources	2020-12-16 23:01:21 +00:00
pegasus-2.14.1-openssl-1.1-fix.patch	Merged update from upstream sources	2020-12-16 23:01:21 +00:00
pegasus-2.14.1-snmpv3-trap.patch	Merged update from upstream sources	2020-12-16 23:01:21 +00:00
pegasus-2.14.1-ssl-cert-path.patch	Merged update from upstream sources	2020-12-16 23:01:21 +00:00
pegasus-2.14.1-ssl-include.patch	Merged update from upstream sources	2020-12-16 23:01:21 +00:00
pegasus-2.14.1-tesid.patch	Merged update from upstream sources	2020-12-16 23:01:21 +00:00
README.RedHat.Security	Merged update from upstream sources	2020-12-16 23:01:21 +00:00
README.RedHat.SSL	Merged update from upstream sources	2020-12-16 23:01:21 +00:00
repupgrade.1.gz	Merged update from upstream sources	2020-12-16 23:01:21 +00:00
rpm_build_env	Merged update from upstream sources	2020-12-16 23:01:21 +00:00
snmptrapd.conf	Merged update from upstream sources	2020-12-16 23:01:21 +00:00
sources	Merged update from upstream sources	2020-12-16 23:01:21 +00:00
tog-pegasus.service	Merged update from upstream sources	2020-12-16 23:01:21 +00:00
tog-pegasus.spec	Merged update from upstream sources	2021-02-03 05:54:14 +00:00
tog-pegasus.tmpfiles	Merged update from upstream sources	2020-12-16 23:01:21 +00:00

README.RedHat.SSL

              Red Hat SSL configuration for tog-pegasus
              ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

   The Red Hat tog-pegasus package is built with support for SSL
   (the Secure Socket Layer).
   Note: the upstream documentation for SSL is located here:
   /usr/share/doc/tog-pegasus/PegasusSSLGuidelines.htm
   However, because the upstream documentation for SSL is not up-to-date
   (it was last updated in March, 2006, around the time of the
   OpenPegasus-2.5.1 release), nor accurate, we are providing this short
   description of how to configure SSL, as well as how it should be used.

 Hard-Coded Build-Time Constants:
 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

   Here is the list of constants which are hard-coded during build time:

   PEGASUS_CONFIG_DIR = /etc/Pegasus

   PEGASUS_PEM_DIR = /etc/pki/Pegasus

   PEGASUS_SSL_KEY_FILE = file.pem
   PEGASUS_SSL_KEY_FILE_PATH = $(PEGASUS_PEM_DIR)/$(PEGASUS_SSL_KEY_FILE)
                  (= /etc/pki/Pegasus/file.pem)
   o Contains the private key for the CIM Server SSL Certificate.

   PEGASUS_SSL_CERT_FILE = server.pem
   PEGASUS_SSL_CERT_FILE_PATH = $(PEGASUS_PEM_DIR)/$(PEGASUS_SSL_CERT_FILE)
                             (= /etc/pki/Pegasus/server.pem)
   o Contains the CIM Server SSL Certificate.

   PEGASUS_SSL_TRUSTSTORE = client.pem
   PEGASUS_SSL_CLIENT_TRUSTSTORE = $(PEGASUS_PEM_DIR)/$(PEGASUS_SSL_TRUSTSTORE)
                                (= /etc/pki/Pegasus/client.pem)
   PEGASUS_SSL_SERVER_TRUSTSTORE = $(PEGASUS_PEM_DIR)/cimserver_trust
                                (= /etc/pki/Pegasus/cimserver_trust)
   o Specifies the location of the OpenSSL truststore. Consistent with the
     OpenSSL implementation, a truststore can be either a file or directory.
     If the truststore is a directory, then all certificates within the
     directory are considered trusted.

   PEGASUS_SSL_SERVER_CRL = $(PEGASUS_PEM_DIR)/crl
                         (= /etc/pki/Pegasus/crl)
   o This is where the CRL (Certificate Revocation List) store resides.

 Tips Following Package Installation:
 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

   o CIM Server default SSL certificates are generated when you run the
     tog-pegasus daemon (for example, by issuing the command
     "systemctl start tog-pegasus") for the first time, which includes the
     following files, which are created in /etc/pki/Pegasus: ca.crt, ca.srl,
     client.pem, file.pem, server.pem and in /etc/Pegasus: ssl-ca.cnf,
     ssl-service.cnf.
     Important: simply running the "cimserver" binary (/usr/sbin/cimserver)
     does NOT create the certificates or abovementioned files.
     Note: if you want to use your own certificates, simply overwrite the ones
     in /etc/pki/Pegasus.

   o to enable/disable HTTPS port 5989 (the official WBEM secure port),
     use cimconfig.

   o the wbemcli command (from the sblim-wbemcli package)
     uses /etc/pki/Pegasus/client.pem by default (see man wbemcli).